JavaScript

openid-client is a Relying Party(RP) implementation for node.js servers. Wide feature coverage including optional specifications such as ID Token and UserInfo claim encryption support, JWT Client Authz and more make it the go to library for node.js clients. Passport.js strategy is included.

Lua implementation to make NGINX operate as an OpenID Connect RP or OAuth 2.0 RS using the Lua extension scripting features (http://wiki.nginx.org/HttpLuaModule) which are for the instance part of OpenResty (http://openresty.org).

The PingAccess server offers a completely new way to manage access to your web applications and application programming interfaces (APIs). By providing role and attribute-based access control that applies policies based on identity, you can enable access from any client to any application.

The Gluu Server is a free open source identity and access management platform for single sign-on, mobile authentication, and API access management that includes a comprehensive implementation of an OpenID Connect Provider and Relying Party

Target Environment: The Gluu Server OpenID Provider is written in Java. Packages are available for Centos, Red Hat, Ubuntu, and Debian.

The Gluu Server is a free open source identity and access management platform for single sign-on, mobile authentication, and API access management that includes a comprehensive implementation of an OpenID Connect Provider and Relying Party

Cobalt is an identity and access management (IAM) platform for the cloud. It includes a federated identity service that supports both OIDC and SAML 2.0, as well as a cloud identity store with an integrated identity data management service based on OData and a fine-grained authorization service based on XACML.

Target Environment: Java on Vert.x

License: Proprietary software licensed by subscription

Certified By: ViewDS

Conformance Profiles: Basic OP, Implicit OP, Config OP

JavaScript

oidc-provider is an OpenID Provider(OP) implementation for node.js servers. It provides a mountable or standalone implementation of the specifications including a variety of optional features (encryption, JWT Client Authz, Dynamic Registration, PKCE, and more…). No predefined data models or frontend views, as soon as you’re ready you take them over the bundled ones go away, leaving you with just the spec implementation.

AuthMachine is a software platform that can be setup in minutes and delivers powerful, pain-free Identity and Access Management (IAM) within your private cloud. In addition to conforming to all six OpenID Connect profiles (Basic OP, Implicit OP, Hybrid OP, Config OP, Dynamic OP and Form Post OP) AuthMachine also provides functionality such as adaptive authentication to prevent phishing attacks, multi-factor authentication, Single Log Out (SLO), registration/sign-up, self-service password resets.

Target Environment: Core application: Python — Admin Console: Javascript/ReactJS — Deployment environment: Docker-based software appliance that can be run on a single server, or easily configured to run in a high-availability architecture on AWS or other clouds

Cloudentity is a privacy-first CIAM (Customer Identity and Access Management) platform. CIAM.next securely identifies and authorizes: Users, Services and Things that should have access to your data and keep out those who should not. We do this with powerful, cloud-native identity and access control microservices which integrate quickly, seamlessly and efficiently with your existing hybrid-cloud architecture to provide in-depth: Visibility, Protection and Enforcement at the API level.

The Curity Identity Server offers a unique combination of IAM and API management. Using OAuth, OpenID Connect, JSON Web Tokens, SCIM and other protocols, it enables secure, standards-based integrations with apps and APIs at a larger scale.

The Gluu Server is a free open source identity and access management platform for single sign-on, mobile authentication, and API access management that includes a comprehensive implementation of an OpenID Connect Provider and Relying Party.

The Gluu Server is a free open source identity and access management platform for single sign-on, mobile authentication, and API access management that includes a comprehensive implementation of an OpenID Connect Provider and Relying Party.

Gravitee.io Access Management is a flexible, lightweight and blazing-fast open source OpenID Connect/OAuth 2.0 provider aims to be a bridge between applications and identity providers to authenticate, authorize and getting information about user accounts.

IBM Cloud Identity is a born-in-the cloud IAM service that makes identity friendly for both consumers and the workforce. Delivered from the cloud, easily customizable via APIs, or in combination with other access management tools, Cloud Identity can help you deliver trusted authentication with a frictionless user experience that balances security and convenience.

IBM Security Access Manager helps you simplify your users’ access while more securely adopting web, mobile, IoT and cloud technologies. It can be deployed on-premises, in a virtual or hardware appliance or containerized with Docker. ISAM helps you strike a balance between usability and security through the use of risk-based access, single sign-on, integrated access management control, identity federation and mobile multi-factor authentication.

WSO2 Identity Server is an identity and entitlement management server that facilitates security while connecting and managing multiple identities across different applications. It enables enterprise architects and developers to improve customer experience through a secure single sign-on environment.

Mobile Connect is a worldwide Mobile Network Operator initiative providing a set of authentication, authorization and identity services for use by online companies. Mobile Connect has adopted and uses the OpenID Connect standard to ensure worldwide interoperability.

Easily log in and sign with your Belgian eID. To prove your identity on the internet, you increasingly need an identity card and card reader. With myID.be you use our myID.be app. What you want to log in somewhere? Then you only need to scan a QR code and enter a five-digit PIN code. This way you can prove who you are on the web quickly, easily and safely. And you don’t need your card reader. Don’t have a smartphone or tablet? No problem: logging in with an identity card and card reader is still possible!

Symantec Norton Secure Login is a high assurance authentication infrastructure architected to support users and services used by millions around the world. It features the world’s leading two-factor authentication service VIP, and is also a FICAM certified CSP.

Onegini Connect is a Customer Identity and Access Management Platform (CIAM). It allows you to connect, manage, and engage with your customers while providing top-notch security and a great customer satisfaction.

OpenAthens Keystone is a content provider solution that can connect to a wide range of authentication systems which support SAML 2.0 and OpenID Connect. Our product works in any national access management federation.

An Open Liberty server can be configured to act as a specification-compliant OpenID Connect Relying Party by enabling the socialLogin-1.0 feature. Additional options in the Liberty server configuration allow server administrators to further modify and adapt the behavior of the RP based on their needs.

The PRIVO iD platform is a regulated privacy compliant family friendly single sign-on customer identity and permission management platform (IDaaS). By leveraging the capabilities, children can experience seamless access to online experiences while maintaining compliance and preserving privacy.

Target Environment: PRIVO’s SaaS for consent management and family friendly single sign-on offers a robust third party security architecture that is built for scale, easy integration, low maintenance and risk mitigation using open standard technologies such as RESTful Web services, OAuth 2.0, OpenID Connect and SAML. All features are exposed via APIs.

The Deutsche Telekom implementation covers the basic flow from the core specification and the OpenID Connect Discovery. We have added several Deutsche Telekom specific extensions to support e. g. session management, logout (Front-Channel, not based on the oidf draft), additional Grant Types, etc.

The Identity Hub is the Identity & Access Management Portal and Product Suite of U2U Consult N.V./S.A. The Identity Hub makes it easy for your users to connect to your app (mobile, PC, web, SharePoint, …) using all major identity providers like Office 365, Active Directory, Microsoft, Facebook, Google, Twitter, My Digipass & more, including your corporate databases. Your app users can securely login with the identity provider they already have or the one you set up for them.

User Account and Authentication (UAA) is an open source identity server project under the Cloud Foundry foundation. UAA provides enterprise scale identity management features and identity-based security for applications and APIs and supports open standards for authentication and authorization.

VerifyMyIdentity is an open source implementation of OIDC in Python/Django. It supports account management, Vectors of Trust (https://tools.ietf.org/html/rfc8485) and FIDO (https://fidoalliance.org/). It was created to support exchange of sensitive information such as health information.

VERIMI is the home of your digital identity. Simplify your everyday life by securely reusing stored data in your interaction with companies and authorities on the Internet. With the help of cutting-edge technologies, VERIMI enables the combination of user-friendliness with the highest security and data protection standards.

A WebSphere Liberty server can be configured to act as a specification-compliant OpenID Connect Relying Party by enabling the openidConnectClient-1.0 feature. Additional options in the Liberty server configuration allow server administrators to further modify and adapt the behavior of the RP based on their needs.

Yahoo! ID Federation enables the access to the protected resource of the user of service provider (Service Provider) without passing user’s credential (ID and password) to website and application (Consumer).Yahoo! ID Federation provide when accessing via the API to the resource that requires authorization, the degrees of freedom and convenience.

Certified Financial-grade API (FAPI) OpenID Providers

Authlete provides a partially hosted or on-premise implementation of OAuth and OpenID Connect that allow custom user authentication components to call an API which processes the incoming standard-compliant request messages and returns actions for the custom component to execute.

Cloudentity is a privacy-first CIAM (Customer Identity and Access Management) platform. CIAM.next securely identifies and authorizes: Users, Services and Things that should have access to your data and keep out those who should not. We do this with powerful, cloud-native identity and access control microservices which integrate quickly, seamlessly and efficiently with your existing hybrid-cloud architecture to provide in-depth: Visibility, Protection and Enforcement at the API level.

The Curity Identity Server offers a unique combination of IAM and API management.
Using Oauth, OpenID Connect, JSON Web Tokens, SCIM and other protocols, it enables secure, standards-based
integrations with apps and APIs at a larger scale.

A full compliant model bank that providers a Reference Bank Application, used by leading banks and third parties to build their own applications in accordance with Open Banking standards.

Programming language: Our Open Banking sandbox is ForgeRock stack. We all offer our sandbox as a service.

Certified by: ForgeRock

Conformance Profiles: FAPI R/W OP w/ Private Key

Gluu Server 4.2

The Gluu Server is a free open source identity and access management platform for single sign-on, mobile authentication, and API access management that includes a comprehensive implementation of an OpenID Connect Provider and Relying Party.

oidc-provider is an OpenID Provider(OP) implementation for node.js servers. It provides a mountable or standalone implementation of the specifications including a variety of optional features (encryption, JWT Client Authz, Dynamic Registration, PKCE, and more…). No predefined data models or frontend views, as soon as you’re ready you take them over the bundled ones go away, leaving you with just the spec implementation.

The Ozone Sandbox provides a full simulation of PSD2 compatible API standards, so that ASPSPs can meet their regulatory obligations in regard to providing testing facilities for Fintechs and Third Party Providers. It is easily extensible to cover both regulatory
and commercial/premium APIs for banks in any market beyond PSD2 in Europe.

The SDBC for OpenAPI provides OAuth 2.0 Authorization Server.
It can easily provide an authorization server for OpenAPI using the legacy authentication system.
SDBC for OpenAPIはOAuth2.0認可サーバ機能を提供します。
既存の認証基盤を用いて容易に認可サーバ機能を提供することができます。

Ping Identity is developing product features in order to meet or maintain the technical requirements for conformance FAPI2, Open Banking UK and their derivatives. PingFederate functions as the OIDC provider and OAuth Authorization Server, providing banks the ability to authorize users and TPP clients and to issue and validate tokens when accessing financial APIs. A sample Reference Implementation is available to Ping Customers and Partners.

Certified Financial-grade API (FAPI) Relying Parties

openid-client is a Relying Party(RP) implementation for node.js servers. Wide feature coverage including optional specifications such as ID Token and UserInfo claim encryption support, JWT Client Authz and more make it the go to library for node.js clients.

This website uses cookies to allow us to provide you the best experience while visiting our website. By continuing to use the site, you are agreeing to our use of cookies. You can change your cookie settings at any time but if you do, you may lose some functionality. More information may be found in our Privacy Policy.Confirm